IN THE CLAIMS

Please amend claims 4, 10 and 16 as indicated below. 

This listing of claims will replace all prior versions, and listings, of claims in 
the application. 

Listing of Claims: 

Claim 1 (cancelled) 

Claim 2 (previously presented) A method for initializing a first device distributed
with an embedded radio module using a server, said server having an embedded radio
module, said method comprising the steps of:

sending an inquiry from said server to said first device using said embedded
radio modules;

returning, from said first device, a unique device identifier of said first device,
to said server;

creating, at said server, a public key, private key pair for said first device;

creating, at said server, a device certificate for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;

transmitting said private key, and said device certificate, and a public key of a
Certificate Authority which signed said device certificate, to said first device; and

storing said private key in non-removable protected storage at said first
device;

wherein said protected storage is write-only storage able to perform
computations involving previously-written data.

Claim 3 (previously presented) A method as claimed in claim 2 wherein a copy of
said certificate is stored in an enterprise database.

Claim 4 (currently amended) A method as claimed in claim 2 A method for
initializing a first device distributed with an embedded radio module using a server,
said server having an embedded radio module, said method comprising the steps of:

sending an inquiry from said server to said first device using said embedded
radio modules;

returning, from said first device, a unique device identifier of said first device,
to said server;

creating, at said server, a public key, private key pair for said first device;

creating, at said server, a device certificate for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;

transmitting said private key, and said device certificate, and a public key of a
Certificate Authority which signed said device certificate, to said first device; and

storing said private key in non-removable protected storage at said first
device;

wherein said protected storage is write-only storage able to perform
computations involving previously-written data;

wherein a copy of said certificate is stored in an LDAP directory

Claim 5 (cancelled)

Claim 6 (previously presented) A method for initializing a first device distributed
with an embedded radio module using a server, said server having an embedded radio
module, said method comprising the steps of:

sending an inquiry from said server to said first device using said embedded
radio modules;

creating, at said first device, a public key, private key pair for said first device;

storing, at said first device, said private key in non-removable protected
storage;

returning, from said first device, a unique device identifier and said public key
of said first device, to said server;

creating, at said server, a device certificate for said first device, said device
certificate having said device identifier and said public key; and

transmitting said device certificate and a public key of a Certificate Authority
which signed said device certificate to said first device;

wherein said protected storage is a write-only storage able to perform
computations involving previously-written data.

Claim 7 (cancelled) 

Claim 8 (previously presented) A system for initializing a first device distributed
with an embedded radio module using a server, said server having an embedded radio
module, said system comprising:

a communications mechanism for sending an inquiry from said server to said
first device using said embedded radio modules, and returning, from said first device,
a unique device identifier of said first device, to said server;

a processor at said server for creating a public key, private key pair for said
first device; and

a device certificate, created at said server, for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;

wherein said communications mechanism transmits said private key, and said
device certificate, and a public key of a Certificate Authority which signed said
device certificate, to said first device; and, said processor stores said private key in
non-removable protected storage at said first device;

wherein said protected storage is write-only storage able to perform
computations involving previously-written data.

Claim 9 (previously presented) A system as claimed in claim 8 wherein a copy of
said certificate is stored in an enterprise database.

Claim 10 (currently amended) A system as claimed in claim 8 A system for
initializing a first device distributed with an embedded radio module using a server,
said server having an embedded radio module, said system comprising:

a communications mechanism for sending an inquiry from said server to said
first device using said embedded radio modules, and returning, from said first device,
a unique device identifier of said first device, to said server;

a processor at said server for creating a public key, private key pair for said
first device; and

a device certificate, created at said server, for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;

wherein said communications mechanism transmits said private key, and said
device certificate, and a public key of a Certificate Authority which signed said
device certificate, to said first device; and, said processor stores said private key in
non-removable protected storage at said first device;

wherein said protected storage is write-only storage able to perform
computations involving previously-written data;

wherein a copy of said certificate is stored in an LDAP directory.

Claim 11 (cancelled)

Claim 12 (previously presented) An initialization system, said system comprising:

a first device, said first device having an embedded radio module;

a server, said server having an embedded radio module;

a communications mechanism, said communications mechanism sending an
inquiry from said server to said first device using said embedded radio modules;

wherein said first device creates a public key, private key pair for said first
device, stores said private key in non-removable protected storage, and returns a
unique device identifier and said public key of said first device, to said server;

said server creates a device certificate for said first device, said device
certificate having said device identifier and said public key; and transmits said device
certificate and a public key of a Certificate Authority which signed said device
certificate to said first device;

wherein said protected storage is a write-only storage able to perform
computations involving previously-written data.

Claim 13 (cancelled)

Claim 14 (previously presented) A computer program product embodied in a machine
readable medium for initializing a first device distributed with an embedded radio
module using a server, said server having an embedded radio module, wherein said 
computer program product comprises the programming steps of: 

sending an inquiry from said server to said first device using said embedded
radio modules; 

returning, from said first device, a unique device identifier of said first device, 
to said server; 

creating, at said server, a public key, private key pair for said first device; 

creating, at said server, a device certificate for said first device, said device 
certificate having a unique hardware identifier associated with said first device and a 
public key associated with said first device; 

transmitting said private key, and said device certificate, and a public key of a 
Certificate Authority which signed said device certificate, to said first device; and 

storing said private key in non-removable protected storage at said first
device;

wherein said protected storage is write-only storage able to perform 
computations involving previously-written data. 

Claim 15 (previously presented) The computer program product as claimed in claim
14 wherein a copy of said certificate is stored in an enterprise database.

Claim 16 (currently amended) The computer program product as claimed in claim
14 A computer program product embodied in a machine readable medium for
initializing a first device distributed with an embedded radio module using a server,
said server having an embedded radio module, wherein said computer program
product comprises the programming steps of:

sending an inquiry from said server to said first device using said embedded
radio modules;

returning, from said first device, a unique device identifier of said first device,
to said server;

creating, at said server, a public key, private key pair for said first device;

creating, at said server, a device certificate for said first device, said device
certificate having a unique hardware identifier associated with said first device and a
public key associated with said first device;

transmitting said private key, and said device certificate, and a public key of a
Certificate Authority which signed said device certificate, to said first device; and

storing said private key in non-removable protected storage at said first
device;

wherein said protected storage is write-only storage able to perform
computations involving previously-written data;

wherein a copy of said certificate is stored in an LDAP directory.

Claim 17 (cancelled)

Claim 18 (previously presented) A computer program product embodied in a
machine readable medium for initializing a first device distributed with an embedded
radio module using a server, said server having an embedded radio module, wherein
said computer program product comprises the programming steps of:

sending an inquiry from said server to said first device using said embedded
radio modules;

creating, at said first device, a public key, private key pair for said first device;

storing, at said first device, said private key in non-removable protected
storage;






CR9-99-045 



PATENT 




returning, from said first device, a unique device identifier and said public key 
of said first device, to said server; 

creating, at said server, a device certificate for said first device, said device 
certificate having said device identifier and said public key; and 

transmitting said device certificate and a public key of a Certificate Authority 
which signed said device certificate to said first device; 

wherein said protected storage is a write-only storage able to perform 
computations involving previously-written data.

Claim 19 (previously presented) The method as recited in claim 2, wherein 
communication between said first device and said server is performed in a wireless 
manner. 

Claim 20 (previously presented) The system as recited in claim 8, wherein 
communication between said first device and said server is performed in a wireless 
manner. 

Claim 21 (previously presented) The computer program product as recited in claim
14, wherein communication between said first device and said server is performed in 
a wireless manner. 

Claim 22 (previously presented) The computer program product as recited in claim 
18, wherein communication between said first device and said server is performed in 
a wireless manner. 